Cyber hack of Industrial and Commercial Bank of China’s US broker-dealer rocks Wall Street

This serves as a wakeup call for the financial sector and raises some concerns about the resilience of the $26 trillion treasury market

Reuters New York Published 14.11.23, 11:40 AM

Representational image File picture

The cyber hack of Industrial and Commercial Bank of China’s US broker-dealer was so extensive on Wednesday that even the corporate email stopped working and forced employees to switch to Google mail, according to two people familiar with the situation.

The blackout left the brokerage temporarily owing BNY Mellon $9 billion, an amount many times larger than its net capital, a measure of resources at hand to promptly satisfy claims.

Those details and what happened next, some of which are reported here for the first time, show how the ransomware attack pushed the firm owned by China’s largest bank close to the brink. And they serve as a wakeup call for the financial sector and raise some concerns about the resilience of the $26 trillion treasury market.

ICBC’s New York-based unit, called ICBC Financial Services, got a cash injection from its Chinese parent to help pay back BNY, and it manually processed trades with the custody bank’s help.

ICBC told market participants on an industry call on Friday afternoon that it was working with a cybersecurity firm, called MoxFive, to set up secure systems that would allow it to resume normal business on Wall Street, according to the sources. But ICBC expected that process to take at least until Monday, they said.

In the interim, the firm had asked its clients to temporarily suspend business and clear trades elsewhere, the sources said. Other market participants, meanwhile, looked through their own books to see whether they had any exposure and sought to reroute trades, one of the sources said.

ICBC Financial Services could not be reached for comment. ICBC did not respond to a request for comment.

On its website, the brokerage said it has been “progressing its recovery efforts with the support of its professional team of information security experts.” It said it had cleared Treasury trades executed on Wednesday and repo financing trades done on Thursday.

Moxfive executives did not respond to requests for comment. The ransomware attack, claimed by cybercrime gang Lockbit, comes at a time of heightened worries about the resiliency of the treasury market, which is essential to the plumbing of global finance. After upheavals there — most recently during the pandemic —threatened financial stability, US authorities launched a broad review of its functioning.

Reuters

Cyber hack of Industrial and Commercial Bank of China’s US broker-dealer rocks Wall Street

This serves as a wakeup call for the financial sector and raises some concerns about the resilience of the $26 trillion treasury market

RELATED TOPICS

This election is for Modi's mission, not ambition, says PM; dares Cong to restore Article 370

Rahul Gandhi may contest from Amethi, say sources; official announcement likely tonight

No political clearance was either sought or issued: MEA on Revanna's travel to Germany

BJP is not against Muslims; In 5 Islamic countries, Modi has been conferred with highest honour

BJP replaces Brij Bhushan Singh with his son as its candidate from Kaiserganj LS seat

Can't devise policy in middle of polls, trust ECI to take action: Delhi HC on deepfake videos

Registering voters for beneficiary schemes under guise of surveys needs to stop: EC to parties

Calcutta Police bans laser light shows near airport after pilots complain of blinding effect

Five wonder moments involving children in Satyajit Ray films

Tharoor on Revanna sex scandal: Will echo in rest of LS polls, BJP to have tough times

Rahul Gandhi's election campaign will end with Congress Dhundho Yatra on June 4

LS polls: TMC leader files RTI seeking absolute number of voter turnout in first 2 phases